Google patches critical CI RCE in Gemini CLI and tightens workspace trust

Google has fixed a critical remote code execution flaw (CVSS 10.0) in the Gemini CLI as used in CI workflows: the tool could load malicious configuration from an untrusted folder, so whoever controlled the checked-out repository could get code running on the CI host. The patched releases require explicit workspace trust, which leaves CI users two paths: set GEMINI_TRUST_WORKSPACE='true' when the inputs are trusted, or follow Google's hardening guidance when they are not (that guidance also covers changes to the --yolo auto-approve mode). Separately, Novee Security highlighted a high-severity Cursor vulnerability (CVE-2026-26268, CVSS 8.1) in which a malicious Git hook delivers a prompt injection that leads to code execution, along with a related CursorJacking-like flaw giving local access to API keys. Both stories make the same point: AI coding tools read configuration, hooks and extensions from whatever repository they are pointed at, so untrusted checkouts must be handled as untrusted input, tools and extensions installed only from trusted sources, and the agent's access to the host kept restricted.
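The summary leaves the practical question open: how does a pipeline decide when to grant workspace trust? The script below is an added example, not Google's code and not its hardening guidance verbatim. It assumes a GitHub-Actions-style CI context (event name, base repository, head repository) and encodes one conservative policy: only pushes to the repository itself and pull requests from non-fork branches count as trusted; anything else runs the CLI without GEMINI_TRUST_WORKSPACE and with the --yolo auto-approve flag refused. The function and variable names are the example's own assumptions; the environment variable and flag names come from the advisory summary above.

```bash
#!/usr/bin/env bash
# Added example (not Gemini CLI's own code): a CI gate that grants workspace
# trust to the agent CLI only when the checked-out code comes from a source the
# pipeline owner controls. The policy itself is an assumption for illustration.

# trusted_workspace EVENT BASE_REPO HEAD_REPO
# Exit 0 (trusted) only for a push to the base repository or a pull request
# whose head branch lives in that same repository (i.e. not a fork).
# pull_request_target runs with secrets even for forks, so it is never trusted.
trusted_workspace() {
  case "$1" in
    push|pull_request)
      [ "$2" = "$3" ] ;;
    *)
      return 1 ;;
  esac
}

# build_gemini_cmd EVENT BASE_REPO HEAD_REPO WANT_YOLO(yes|no)
# Prints the command line the job should run. Trusted inputs get explicit
# workspace trust and, if requested, --yolo; untrusted inputs get neither,
# so configuration found in the checkout is not silently honoured and no
# tool call is auto-approved.
build_gemini_cmd() {
  if trusted_workspace "$1" "$2" "$3"; then
    if [ "$4" = yes ]; then
      echo "GEMINI_TRUST_WORKSPACE=true gemini --yolo"
    else
      echo "GEMINI_TRUST_WORKSPACE=true gemini"
    fi
  else
    # Untrusted checkout: no workspace trust and never auto-approve,
    # regardless of what the caller asked for.
    echo "gemini"
  fi
}

# Demonstration on constructed CI contexts (these repository names are made up).
echo "push to own repo, yolo requested:      $(build_gemini_cmd push org/app org/app yes)"
echo "PR from a fork, yolo requested:        $(build_gemini_cmd pull_request org/app someone/app yes)"
echo "pull_request_target, same repo:        $(build_gemini_cmd pull_request_target org/app org/app yes)"
```

In a real workflow the four arguments would come from the CI provider's event variables rather than literals, and the printed command would be evaluated by the job step; the point of keeping the decision in one function is that a reviewer can audit a single place where trust is granted.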
- Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution The Hacker News
- Google fixes CVSS 10.0 vulnerability in Gemini CLI theregister.com
- Google Gemini CLI Vulnerabilities Allow Attackers to Execute Commands on Host Systems CyberSecurityNews
- Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks SecurityWeek
- Developers warned to avoid 'early-access' Google Gemini tools IT Pro